If someone tries to guess your username and password or tries a brute-force attack they’ll most probably start with username “admin”. This is the default username used by too many sites and should be removed.

Create a new user and assign him the “administrator” role. Try not to use usernames like: “root”, “god”, “null” or similar ones. Once you have the new user created delete the “admin” one and assign all post/pages he may have created to the new user.

If you are concerned about WordPress security on your site, we encourage you to follow the full set of tips on our WordPress Security page. And get in touch if you need help with protecting your site from hackers.